Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: SANS Internet Storm Center

SANS Site Network

Current Site

SANS Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Log In or Sign Up for Free!

Multiple Greeting Card scams; MSFT time server; Sober next Monday; Netscape 8.01; Pharming
Multiple Greeting Card Scams We did get reports about a couple of greeting card scams. They use different domains (bluemountain.com, 123greetings.com). It is important to note that these scams use different domains. If you include greeting card scams in your awareness training, make sure to point out that they may use less known domain names as well. Netscape 8.01 Yesterday's diary pointed out the release of Netscape 8.0. Well, today AOL released a security update (version 8.01). Please make sure you download it. While initial reports of >40 bugs turned out to be inflated, there are still a few issues (about 3-5) that are fixed in 8.01. MSFT Time Server We have one report and some personal observations that the default Microsoft time server (time.windows.com) is having problems. If you are using this time server (it is the default time server for Windows XP installs), make sure you are still able to connect, or let us know if you see any error messages. Sober deadline for next monday The version of Sober responsible for last weeks outbreak of German spam is said to trigger some as of now unknown payload on Monday, May 23rd. If you know what it will do, let us know. The messages are believed to relate to this weekends elections in one of Germany's larger states. Pharming Pharming: Does it exist? We do get ongoing requests for statistics about actual "Pharming Attacks". So far, the response has been easy: "None". While the DNS cache poisoning attack from a few months ago has been called "pharming" by some, it wasn't according to our definition of the term, as it did not attempt to spoof a bank site to obtain passwords. However, pharming is a rather new term, and like other new terms it may stretch itself until it finds a purpose. ------------- Johannes Ullrich jullrich@';drop table email;'sans.org' SANS Institute I will be teaching next: Intrusion Detection In-Depth - SANS Doha March 2022	Johannes 4352 Posts ISC Handler May 20th 2005
Thread locked Subscribe	May 20th 2005 1 decade ago

Sign Up for Free or Log In to start participating in the conversation!